package com.fredia.terp.controller;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.fredia.terp.imodel.UserModel;
import com.fredia.terp.model.User;
import com.fredia.terp.service.UserService;

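/**
 * Spring MVC controller for the login and registration forms and for the
 * plain page-navigation views. Authentication is delegated to Apache Shiro
 * through {@link SecurityUtils#getSubject()}.
 *
 * @author : wangyong
 * @since : 2017-06-12
 * @version : v0.0.1
 */
@Controller
public class HomeController {

	private static final Logger logger = LoggerFactory.getLogger(HomeController.class);
	@Resource
	private UserService userService;

	/**
	 * Renders the login form.
	 *
	 * @return the {@code login} view name
	 */
	@RequestMapping(value = "/login", method = RequestMethod.GET)
	public String login() {
		return "login";
	}

	/**
	 * Authenticates the submitted credentials with Shiro.
	 *
	 * @param request used to expose the {@code msg} attribute to the view and to
	 *                record the peer address of rejected attempts
	 * @param user    form-bound object; only its username and password are read here
	 * @param model   unused, kept for signature compatibility
	 * @return a redirect to {@code usersPage} on success, otherwise the
	 *         {@code login} view with {@code msg} set
	 */
	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public String login(HttpServletRequest request, User user, Model model) {
		if (StringUtils.isEmpty(user.getUsername()) || StringUtils.isEmpty(user.getPassword())) {
			request.setAttribute("msg", "用户名或密码不能为空！");
			return "login";
		}
		// NOTE(review): nothing in this method renews the session identifier after a
		// successful login; confirm that session-fixation protection is provided by
		// the Shiro/servlet configuration.
		Subject subject = SecurityUtils.getSubject();
		UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPassword());
		try {
			subject.login(token);
			return "redirect:usersPage";
		} catch (LockedAccountException lae) {
			// Rejected attempts are logged so repeated failures can be detected; the
			// password is never logged. getRemoteAddr() is the direct peer, which is
			// the proxy address when the application runs behind a reverse proxy.
			logger.warn("Login rejected, account locked: user=[{}] remote={}",
					forLog(user.getUsername()), request.getRemoteAddr());
			// NOTE(review): this message differs from the generic failure message, so
			// it tells an unauthenticated caller that the account exists and is locked.
			request.setAttribute("msg", "用户已经被锁定不能登录，请与管理员联系！");
			return "login";
		} catch (AuthenticationException e) {
			logger.warn("Login failed: user=[{}] remote={} reason={}",
					forLog(user.getUsername()), request.getRemoteAddr(), e.getClass().getSimpleName());
			request.setAttribute("msg", "用户或密码不正确！");
			return "login";
		} finally {
			// Clear the token's copy of the credentials on every path, including
			// success, rather than only when authentication fails.
			token.clear();
		}
	}

	/**
	 * Renders the user list page; also mapped to the empty path.
	 *
	 * @return the {@code user/users} view name
	 */
	@RequestMapping(value = { "/usersPage", "" })
	public String usersPage() {
		return "user/users";
	}

	/**
	 * Renders the role list page.
	 *
	 * @return the {@code role/roles} view name
	 */
	@RequestMapping("/rolesPage")
	public String rolesPage() {
		return "role/roles";
	}

	/**
	 * Renders the resource list page.
	 *
	 * @return the {@code resources/resources} view name
	 */
	@RequestMapping("/resourcesPage")
	public String resourcesPage() {
		return "resources/resources";
	}

	/**
	 * Renders the access-denied page.
	 *
	 * @return the {@code 403} view name
	 */
	@RequestMapping("/403")
	public String forbidden() {
		return "403";
	}

	/**
	 * Renders the registration form.
	 *
	 * @return the {@code register} view name
	 */
	@RequestMapping(value = "/register", method = RequestMethod.GET)
	public String register() {
		return "register";
	}

	/**
	 * Creates an account from the submitted registration form.
	 *
	 * @param request   used to expose the {@code msg} attribute to the view
	 * @param userModel form-bound registration data
	 * @param model     unused, kept for signature compatibility
	 * @return a redirect to {@code usersPage} when the service accepts the
	 *         registration, the {@code register} view when a field is empty, or
	 *         the {@code login} view with {@code msg} set when the service
	 *         rejects it
	 */
	@RequestMapping(value = "/register", method = RequestMethod.POST)
	public String register(HttpServletRequest request, UserModel userModel, Model model) {
		if (StringUtils.isEmpty(userModel.getUsername()) || StringUtils.isEmpty(userModel.getPassword())) {
			request.setAttribute("msg", "用户名或密码不能为空！");
			// Same view name as the GET handler; the previous "/register" carried a
			// leading slash that the other view names in this controller do not use.
			return "register";
		}

		// NOTE(review): which fields UserModel.toUser copies is not visible here;
		// confirm that a client cannot set role, status or lock fields through
		// request parameters. Password policy and hashing are presumably handled in
		// UserService.register; verify.
		User user = UserModel.toUser(userModel);
		if (userService.register(user)) {
			return "redirect:usersPage";
		}
		// Every rejection by the service is reported as "user already exists".
		request.setAttribute("msg", "用户已存在！");
		return "login";
	}

	/**
	 * Replaces control characters in a user-supplied value so it cannot inject
	 * line breaks into the log output.
	 *
	 * @param value the raw request value, may be {@code null}
	 * @return the value with control characters replaced by {@code _}, or an
	 *         empty string for {@code null}
	 */
	private static String forLog(String value) {
		return value == null ? "" : value.replaceAll("\\p{Cntrl}", "_");
	}
}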
